Cloudmark Security Blog

The Pirate Bay Hits Rough Seas

On the morning of December 9th, Swedish Police in Nacka, Stockholm raided a data center in connection with copyright violations. The takedown, aimed at enforcing international intellectual property rights, hit the servers of popular torrent site The Pirate Bay (TPB). Other torrenting and Pirate Bay sites seem to have been hit as well including the Pirate Bay’s forums Suprbay.org, Bayimg.com, Pastebay.net, EZTV, Zoink, Torrage, and Istole tracker.

Hat tip to Andyat TorrentFreak for all the hard work covering many of these events.

The sole purpose of these sites is centered on distributing users’ files — whichever files they choose — via what are known as Torrents. These torrent files contain, very simply, just metadata about the pertinent files and folders the user is distributing along with the location of trackers. Trackers are servers that help connect individuals (or peers) with one another who are looking to retrieve those files.

Note, no part of the actual content is actually contained in the torrent files, just meta data. Users of the BitTorrent protocol and the famous Pirate Bay portal have taken to using these torrents to legally and sometimes illegally share files such as music and movies. The music and movie industries have taken notice of this and have on going efforts to curb illegal usage. One of their methods for curbing these activities are these types of server room raids.

In this particular raid, police officers and digital forensics experts seized several servers and computers from the Nacka server room. This isn’t the Pirate Bay’s first rodeo though, they’ve survived previous raids and arrests with sometimes only hours of downtime. The on going saga of which was detailed publicly on the site prior to the most recent seizure. Many expected a similar situation this time around as well.

Because of this, only hours after the raid, news quickly spread of a new home and domain for The Pirate Bay, ThePirateBay.cr, hosted via the Costa Rican TLD “.CR”. However, as wonderful as it may have been to find torrents of the Pirates of the Caribbean via pirates next to the Caribbean, not all is as it seems.

While the .CR site is legitimately listed by ProxyBay as a proxy for The Pirate Bay, the .CR proxy is only just that — a proxy. The few torrents searchable on it are simply cached results. On top of this, it appears some are already suspiciously leveraging its new found popularity with novelty merchandise such as t-shirts, mugs, and keychains.

Updates also noted that the .CR domain began redirecting to yet another site: thepiratebay.ee. This new domain was then scamming users into paying $4 or £4 to access torrents on the site. The pay wall has since been removed, but the actual Pirate Bay has yet to be resurrected.

In the resulting fallout, the site’s own original co-creator, Peter Sunde, weighed in. In his blog post, Sunde blatantly stated that he does not care about the closure, and in fact, he seems to be almost happy stating that he’s “not been a fan of what TPB has become,” and that “it feels good that it might have closed down forever.”

The Pirate Bay co-founders and BitTorrent at large has been under attack via other legal and technical fronts as well. Fredrik Neij’s arrest last month marked the final arrest of all three co-founding members of The Pirate Bay with each serving prison time for their part in creating the site.

In the United States, the MPAA (music industry) is preparing research on various legal maneuvers to block any transgressing site they find to be in violation of intellectual property law. Previous attempts have been made at the congressional level via the SOPA act which was met with so much back public backlash for it’s censorship powers that it was scrapped.

Sony’s response to a recent data breach and subsequent spread of private internal documents has highlighted the company’s willingness to take matters into their own hands and use technical sabotage against torrenting. It was revealed that Sony setup a large number of ‘bad seeds’ as fake, corrupted stand-ins for the actual files being shared via BitTorrent.

So far, BitTorrent has proven to be remarkably robust. The distributed architecture and the fact that it has many legitimate uses has made it less vulnerable to the sort of legal challenges that took down Napster and Megaupload, or the technical attacks that largely disabled the eDonkey network. It does appear that at least one of the major torrenting service hit by this raid, EZTV, has been slowly bouncing back. However, there are still several very large companies and entire industries determined to shut down the sharing of copyrighted materials using the Bittorrent protocol. It remains to be seen if they will succeed, or if the current events will only be a temporary setback for the Pirate Party.

EDIT: It appears that popular torrent search engine IsoHunt has unofficially resurrected a copy of the Pirate Bay at oldpiratebay.org